At the inaugural CSX 2016 European Conference in London 31 October to 2 November, Raj Samani, Intel Security’s chief technology officer (CTO) of EMEA, and special advisor for the European CyberCrime Centre (EUROPOL), will provide his unique perspective as a participant supporting actual criminal enterprise takedowns, on who the bad actors are—their tactics, techniques and targeting mechanisms, and how to win the battle against them.
ISACA Now recently had a virtual sit-down with Samani to discuss his views on combatting ransomware, what it is like to be a CTO, and his advice for those starting out in the industry.
ISACA Now: So how do organizations combat ransomware?
Samani: I would say that basic cyber hygiene is imperative. This means making sure that backups are in place, minimizing permissions, up-to-date security software, awareness and so forth. Not the most glamorous answer, I realize, but being proactive is the first step. Should the worst happen, then determining whether decryption keys exist will be the first step. We have developed an online portal entitled nomoreransom.org. This is a public private partnership with Kaspersky Lab and law enforcement, which is the output of our collaboration. If we are able to disrupt criminal infrastructure and extract the decryption keys, we will make them freely available through the site.
ISACA Now: What’s a typical day in the life of a CTO?
Samani: The only constant is change. I would however stress that we are not defined by our job titles, and therefore, whether my business card says CTO or indeed anything else I don’t believe it should fundamentally change why we do what we do. I’ll give you an example. Before this role I was a CISO, and I would create spare time to do everything I could for the industry, notably through the ISSA and CSA. The role of CTO affords me the luxury of combining my desire to help push the industry forward (e.g. nomoreransom.org, supporting law enforcement, writing books) with my day job.
ISACA Now: You are at the pinnacle of your field. What advice would you give to students or industry newbies for advancing their careers and succeeding in the tech world?
Samani: That’s very kind of you, but honestly I don’t see a hierarchy in our industry and therefore don’t see myself at any pinnacle. Every single person in this industry is working toward creating a safer digital world which has to be our default moving forward. If I had to give anybody advice, I would encourage them to recognize our industry as more of a community. Seek out like-minded people to progress you forward; organizations such as ISACA are a tremendous example of providing the opportunity to interact with like-minded people. I know this helped me when I first started out.
ISACA Now: What will be the key takeaways from your session?
Samani: The industry is fighting back, but we need your help. Learn how you can get involved, and fundamentally be optimistic about the future.